aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2014-02-20 11:05:24 +0100
committerIngela Anderton Andin <[email protected]>2014-02-20 11:05:24 +0100
commitfe64a86cd55d53ac452080810860987dbcd3c29e (patch)
treeea05962c3595a1bb3d4c962f388cc296b54130ce
parent656b800e52ebdf71c1a0097270977092c1510147 (diff)
downloadotp-fe64a86cd55d53ac452080810860987dbcd3c29e.tar.gz
otp-fe64a86cd55d53ac452080810860987dbcd3c29e.tar.bz2
otp-fe64a86cd55d53ac452080810860987dbcd3c29e.zip
ssl: Correct clean up of certificate database when certs are inputed
in pure DER format. The incorrect code could cause a memory leek when certs where inputed in DER.
-rw-r--r--lib/ssl/src/ssl_connection.erl6
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index 82106935cb..e283e6079e 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -1,7 +1,7 @@
%%
%% %CopyrightBegin%
%%
-%% Copyright Ericsson AB 2013-2013. All Rights Reserved.
+%% Copyright Ericsson AB 2013-2014. All Rights Reserved.
%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
@@ -1757,12 +1757,12 @@ handle_unrecv_data(StateName, #state{socket = Socket, transport_cb = Transport,
Connection:handle_close_alert(Data, StateName, State)
end.
-handle_trusted_certs_db(#state{ssl_options = #ssl_options{cacertfile = <<>>}}) ->
+handle_trusted_certs_db(#state{ssl_options = #ssl_options{cacertfile = <<>>, cacerts = []}}) ->
%% No trusted certs specified
ok;
handle_trusted_certs_db(#state{cert_db_ref = Ref,
cert_db = CertDb,
- ssl_options = #ssl_options{cacertfile = undefined}}) ->
+ ssl_options = #ssl_options{cacertfile = <<>>}}) ->
%% Certs provided as DER directly can not be shared
%% with other connections and it is safe to delete them when the connection ends.
ssl_pkix_db:remove_trusted_certs(Ref, CertDb);